Cloudflare offers security and reliability services to millions of websites, helping prevent online abuse and make the Internet more secure. When it comes to reports of abuse on websites that use our services, our ability to respond depends on the type of Cloudflare service at issue. Most abuse reports we receive pertain to websites that use our pass-through security and content delivery network (CDN) services, while far fewer reports relate to websites using our registrar services or our services to host content at the edge. Because Cloudflare offers a variety of Internet infrastructure services to users, our abuse reporting system is designed with those different services in mind.
Cloudflare’s approach to abuse reflects the nature of our infrastructure services, which are fundamentally distinct from services like social media platforms and search engines that are designed to interact with and curate content. While content curator services are designed around moderating content, infrastructure services operate without content-based distinction to help make the Internet function more securely, efficiently, and reliably. These differences can be visualized in a stack, where services at the top of the stack are better positioned to address abuse in the first instance.
Everyone benefits from a well-functioning Internet infrastructure, just like other physical infrastructure, and we believe that infrastructure services should generally be made available in a content-neutral way. That is particularly true for services that protect users and customers from cyber attacks.
Cloudflare’s abuse reporting system is designed to ensure that abuse complaints related to content can be addressed by those service providers higher in the stack, and to identify those instances in which action lower down the stack is appropriate.
Even within the category of Internet infrastructure, different types of services have different abilities to address abusive content. While a hosting provider may be able to effectively remove particular content from a website, other services involved in the transmission of content generally cannot. In addition to being ineffective, attempts to address abuse through cybersecurity services can have unintended consequences and make the broader Internet less secure. Laws like the United States' Digital Millennium Copyright Act and the EU’s Ecommerce Directive reflect this reality by creating a framework for addressing abuse that distinguishes among hosting services, caching services, and mere conduit services.
If you are submitting an abuse report to us because our IP address appears in the WHOIS and DNS records for a website, it is very likely that the website is one of millions of websites that use our pass-through security and content distribution network (CDN) services. Our IP address appears in the WHOIS and DNS records for those websites because of the nature of our security services. If a website uses Cloudflare’s registrar services, that will be reflected in the WHOIS records for the website. If Cloudflare might qualify as the origin hosting provider because of the use of services such as Cloudflare Stream, Cloudflare Pages, Cloudflare Workers, Cloudflare Workers KV, and Cloudflare Images that can definitively store content, our systems will account for those services in processing your report.
The vast majority of abuse reports that we receive are about websites using our pass-through security, and content distribution network (CDN) services. Cloudflare does not host content through those services, and we cannot remove content from the Internet that we do not host.
Our abuse reporting system is therefore designed to ensure that your report gets to the parties best positioned to address your complaint: the website operator and the hosting provider for the website on which the content is posted. When you submit a report relating to a website using these services, we will take the following steps: